How Exchanges Are Dealing With Cyberattacks

While blockchain may have changed completely the way we look at transactions and banking, the brief nine-year existence of cryptocurrencies has been checkered with some monumental hackings and thefts.

The crypto world had witnessed some monumental heists. Almost all of them are completely different but what is more important is how the teams in charge of these exchanges have gone about addressing these attacks.

Let’s take a look at a number of instances involving some of the biggest exchange operators over the past nine years.

Mt. Gox

Mt. Gox stands out as the most notorious incident since Bitcoin’s inception and it set the bar pretty high in terms of the effect it had on the cryptocurrency world, Bitcoin’s value and sentiments towards virtual currencies.

The theft of over 850,000 Bitcoin has made headlines over the past four years and has been a major talking point in March. At the height of its power in 2013, Mt. Gox was the biggest exchange in the world responsible for around 80 percent of all Bitcoin transactions.

The circumstances surrounding the hack are still not crystal clear, but a number of people were arrested for their involvement in the embezzlement of funds stolen.

Once again, it’s hard to refer to Mt. Gox as a hack, as then CEO Mark Karpelès was charged with embezzlement and fraud for his involvement in the movement of some of the ‘lost funds,’ not to mention various associates that were implicitly involved in the debacle.

Coincheck

Fast forward to 2018, this modern-day hack has the unfortunate title of the biggest cryptocurrency hack in history if we’re talking about the value of the virtual currency that was stolen.

While it’s not clear how it happened, a hacker gained access to the private key of the Coincheck online wallet and moved 523 mln NEM coins roughly worth $500 mln.

The exchange was crucified for its poor security standards and the fact that such a large amount of cryptocurrency tokens were kept in a single address.

Nevertheless, unlike Mt. Gox, the exchange worked swiftly to reduce the damage done by canceling transactions, ruled out a hard fork to undo the damage and actually managed to create a tagging system that allowed them to track all of the stolen NEM coins.

Having flagged the stolen cryptocurrency, hackers were unable to sell or convert their loot on different exchanges. Furthermore, Coincheck vowed to begin repaying users for lost funds, which they’ve already started doing.

Binance

Renowned as the largest cryptocurrency exchange by volume, Binance is the most recent big player to hit by a cyber attack.

Unlike the insider job at Mt. Gox and the stolen private key at Coincheck, Binance were somewhat perplexed by a far more sophisticated modus operandi. However, miraculously or not, the exchange’s security systems picked up the suspicious activity and the hackers were unable to make off with any stolen coin.

On March 7 numerous users started complaining on Reddit and social media platforms that unauthorized transactions were being made on their accounts.

According to the Binance team, the hackers used phishing websites to hijack users’ login information. Once they’d acquired enough accounts, they created trading API keys with the user accounts.

Then on March 7, the hackers used the keys and placed buy orders on the VIA/BTC market which pushed the price up. VIA tokens had been moved to 31 specific accounts, sold at the highest price, which would have moved BTC from compromised accounts to the 31 accounts.

Bitgrail

Bitgrail is another exchange that suffered one of the most recent cyber attacks. The Italian exchange lost 17 mln Nano tokens, estimated at around $187 mln in value, in suspicious circumstances.

Bitgrail founder Francesco Firano maintains the fault lies with the Nano development team and its Blockchain, while the Nano team has refuted those claims in exclusive interviews with Cointelegraph.

They’ve since announced that refunds will be made to users, but Bitgrail users have to sign an agreement that effectively rules out any future legal action against the Italian exchange.

Mining service Nicehash

Another instance that made big headlines was the hacking of mining service Nicehash. Over 4,000 Bitcoin, worth around $63 mln at the time, was stolen by hackers from the Nicehash wallet.

The popular service did well to consolidate after the attack. A change of CEO saw them resume their services after a few weeks and they pledged to refund all users affected by the cybertheft, which started in February 2018.

Summarizing all these different examples, it could be said that different cryptocurrency services use different ways of dealing with cyberattacks and the reaction on hacks is almost entirely dependent on the ethics and credibility of respective management teams.